Conference Proceedings

Business analytics in information security risk management: The contingent effect on security performance

H Naseer, S Maynard, A Ahmad

24th European Conference on Information Systems, ECIS 2016 | ALSEL | Published : 2016


The process of information security risk management (ISRM) enables an organization to not only identify risks specific to its information and assets, but also to assess the impact and likelihood of a threat occurrence. Despite significant interest and investment in ISRM, its organizational practice still has deficiencies since it is not considered a standard management process of an organization and lacks evidence based decision making. Business analytics (BA) presents organizations with a unique opportunity to base their ISRM upon continuous monitoring and data analysis, thereby helping executives make timely, data driven security decisions in a proactive manner. In this research in progres..

View full abstract

Citation metrics